Numerous countries have surveillance programs to monitor Skype and other VoIP, such as Saudi Arabia, UAE, Ethiopia, China, Egypt, Indonesia, Pakistan, India ect... In short, never use Skype for confidential communications.

Numerous countries have surveillance programs to monitor Skype and other VoIP, such as Saudi Arabia, UAE, Ethiopia, China, Egypt, Indonesia, Pakistan, India ect... In short, never use Skype for confidential communications.

Or, use it to distract the "good guys". Kinda like a reverse honey pot. Plant false information on Skype to lead the authorities in one direction while sending the REAL information via physical media. Perhaps hard drives delivered by a flock of homing pigeons.

On the one hand, few people have secrets worth worrying about if falling into the wrong hands. Well, except extortionists, sextortionists, hackers, government agencies, spammers, bots, social media corporations, identity thieves, spoofers...

On the one hand, few people have secrets worth worrying about if falling into the wrong hands. Well, except extortionists, sextortionists, hackers, government agencies, spammers, bots, social media corporations, identity thieves, spoofers...

I guess the reality is that very little is secure.

You forgot "anyone who has ever had a private conversation" on that list.

On the one hand, few people have secrets worth worrying about if falling into the wrong hands. Well, except extortionists, sextortionists, hackers, government agencies, spammers, bots, social media corporations, identity thieves, spoofers...

I am not sure if I have missed something, but I have not heard of the PRISM programme (or any other surveillance programme that have been revealed with Snowden's help (deeply appreciative bow to Snowden)) talk about being able to get into Blackberry communications.

Let me elaborate. BB has been in confrontations with various governments because all communications were encrypted and securely transported thru BB's servers. My question is - was their encryption so iron-clad that none of the surveillance programs have been able to get into it? It is quite well known that the US President used a BB for the longest time until an i device was secure enough for him to be able to use it. NY state governor Cuomo has also decreed that all his communications would take place over BBMessenger - this being device-to-device with no server traceability.

If the answer to all of my above speculation is 'No - BB has not been tracked or cracked' then I can lead you to the next speculation. Was BB killed by the powers that be because it was so untraceable?

They used this against Kim Dotcom long before the Snowden leaks.The terrorist argument is getting old when they already proven time and time again that they will use it against anyone, even in cases that should be entirely a civil matter like copyright infringement.

I am not sure if I have missed something, but I have not heard of the PRISM programme (or any other surveillance programme that have been revealed with Snowden's help (deeply appreciative bow to Snowden)) talk about being able to get into Blackberry communications.

Let me elaborate. BB has been in confrontations with various governments because all communications were encrypted and securely transported thru BB's servers. My question is - was their encryption so iron-clad that none of the surveillance programs have been able to get into it? It is quite well known that the US President used a BB for the longest time until an i device was secure enough for him to be able to use it. NY state governor Cuomo has also decreed that all his communications would take place over BBMessenger - this being device-to-device with no server traceability.

If the answer to all of my above speculation is 'No - BB has not been tracked or cracked' then I can lead you to the next speculation. Was BB killed by the powers that be because it was so untraceable?

Per public reports, BlackBerry PIN messaging can be accessed between arbitrary devices on the network.

I haven't read anything indicating that PIN messaging between BlackBerry devices associated with the same BES has been compromised. Supporting that observation, I believe the main use case from BlackBerry devices today is PIN messaging for executives and politicians. BlackBerry basically returned to their original roots in that respect.

Politicians go through all sorts of hoops to avoid very intrusive public records laws. Many have private POTS lines in their offices paid for personally to avoid disclosing who they are talking to on a regular basis. (Phone bills are generally subject to freedom of information requests)

I am not sure if I have missed something, but I have not heard of the PRISM programme (or any other surveillance programme that have been revealed with Snowden's help (deeply appreciative bow to Snowden)) talk about being able to get into Blackberry communications.

Let me elaborate. BB has been in confrontations with various governments because all communications were encrypted and securely transported thru BB's servers. My question is - was their encryption so iron-clad that none of the surveillance programs have been able to get into it? It is quite well known that the US President used a BB for the longest time until an i device was secure enough for him to be able to use it. NY state governor Cuomo has also decreed that all his communications would take place over BBMessenger - this being device-to-device with no server traceability.

If the answer to all of my above speculation is 'No - BB has not been tracked or cracked' then I can lead you to the next speculation. Was BB killed by the powers that be because it was so untraceable?

Yes, you cracked the case. Apple and Google were secretly used by the powers that be to enter and then dominate the smartphone market over a period of years. All to bypass Blackberry encryption. It was the world's most expensive and elaborate front for an intelligence operation ever conducted, which is why nobody suspected until now.

I am not sure if I have missed something, but I have not heard of the PRISM programme (or any other surveillance programme that have been revealed with Snowden's help (deeply appreciative bow to Snowden)) talk about being able to get into Blackberry communications.

Let me elaborate. BB has been in confrontations with various governments because all communications were encrypted and securely transported thru BB's servers. My question is - was their encryption so iron-clad that none of the surveillance programs have been able to get into it? It is quite well known that the US President used a BB for the longest time until an i device was secure enough for him to be able to use it. NY state governor Cuomo has also decreed that all his communications would take place over BBMessenger - this being device-to-device with no server traceability.

If the answer to all of my above speculation is 'No - BB has not been tracked or cracked' then I can lead you to the next speculation. Was BB killed by the powers that be because it was so untraceable?

Yes, you cracked the case. Apple and Google were secretly used by the powers that be to enter and then dominate the smartphone market over a period of years. All to bypass Blackberry encryption. It was the world's most expensive and elaborate front for an intelligence operation ever conducted, which is why nobody suspected until now.

You would think they would have put in the Lawdrome annex by now. Only lawyers with a different room for each variety of law they practiced. DAs followed around reproachfully stared at by all the people they fabricated evidence against in the jury box, the Judge <Judge Judy> giving them a screaming at while they vainly search the courtroom for their council, only to find that they are not allowed to access ANY of the evidence against them, and can't remember what was said when it comes time to rebut. Divorce lawyers followed eternally by their ex-wives/husbands demanding their property (Because no divorce in hell) while defecating said items one by one (smallest to largest) only to have to start again when one comes out in the wrong order. Defense council and civil liberties lawyers... strangely absent.

A more accurate opening statement would be:"Last year, Ars documented how Microsoft scanned instant messages that it claimed were securely encrypted for potentially abusive Web links."

It can't be a challenge for Microsoft when they designed the system that implements the "message encryption" in the first place.

The revised statement doesn't seem much different from the original to me. And it's not obvious that a cryptographic system's designer will be able to read traffic encrypted using that system. Most cryptographic systems are designed to be as secure against the original creator as against a hostile third party that knows every implementation detail.

A more accurate opening statement would be:"Last year, Ars documented how Microsoft scanned instant messages that it claimed were securely encrypted for potentially abusive Web links."

It can't be a challenge for Microsoft when they designed the system that implements the "message encryption" in the first place.

The revised statement doesn't seem much different from the original to me. And it's not obvious that a cryptographic system's designer will be able to read traffic encrypted using that system. Most cryptographic systems are designed to be as secure against the original creator as against a hostile third party that knows every implementation detail.

My issue is with the word "challenge". Microsoft clearly redesigned the system as it saw fit, thus removing any challenge from the endeavor.

A friend of mine and I talk on Skype a lot. It's easier and cheaper than regular phones given the fact that she lives in Australia, and I don't.

Our connection is usually pretty iffy, and we've had many dropped calls. While it's probably the fact that Australia's connections are sometimes bad, I've taken to telling her that the NSA's probably screwing around with it, and off-hand stating "Stop the crap, guys" to some unseen person I jokingly tell her who's listening in on our conversation.

Maybe I should be more careful with my words because the NSA probably is listening in on it.

But I won't take down my tag line which states "The NSA can go to hell". They can and should.

I am not sure if I have missed something, but I have not heard of the PRISM programme (or any other surveillance programme that have been revealed with Snowden's help (deeply appreciative bow to Snowden)) talk about being able to get into Blackberry communications.

Let me elaborate. BB has been in confrontations with various governments because all communications were encrypted and securely transported thru BB's servers. My question is - was their encryption so iron-clad that none of the surveillance programs have been able to get into it? It is quite well known that the US President used a BB for the longest time until an i device was secure enough for him to be able to use it. NY state governor Cuomo has also decreed that all his communications would take place over BBMessenger - this being device-to-device with no server traceability.

If the answer to all of my above speculation is 'No - BB has not been tracked or cracked' then I can lead you to the next speculation. Was BB killed by the powers that be because it was so untraceable?

I think Obama is still suffering with that 8000 series BlackBerry. He has a hacked iPad, but not for anything secure.

BlackBerry bb10 is FOC. I'm really surprised they don't let him upgrade. Perhaps use that crypto chip that Merkel uses.

A more accurate opening statement would be:"Last year, Ars documented how Microsoft scanned instant messages that it claimed were securely encrypted for potentially abusive Web links."

It can't be a challenge for Microsoft when they designed the system that implements the "message encryption" in the first place.

The revised statement doesn't seem much different from the original to me. And it's not obvious that a cryptographic system's designer will be able to read traffic encrypted using that system. Most cryptographic systems are designed to be as secure against the original creator as against a hostile third party that knows every implementation detail.

Just because your account has a password does not mean it is protected from everyone. In the case of skype, the Encryption is controlled by MS, and as a result, they have access to see and/or modify your communications using that or any other communication that they control. The only way to help prevent that would be for the users to setup point to point encryption for the source and destination that only the source and destination control. Then your only vulnerable to the weaknesses of the encryption protocol, not the whimsy of a third party.

Now unfortunately I do believe that this is important information, even if it is unsuprising.

The first reason is that there are an unsuprisingly large number of people who feel that passwords mean their information and data is protected from everyone. They don't even realize the importance of encryption when protecting data.

And the second reason is that this means either MS had a serious weakness in their encryption and did not know it, or they were colluding with the NSA. I personally suspect the former, rather than the later. That one is especially supported by the leaks from Snow that the NSA keeps some exploits for themselves, and the scare from the discovery of the heartbleed bug.

A more accurate opening statement would be:"Last year, Ars documented how Microsoft scanned instant messages that it claimed were securely encrypted for potentially abusive Web links."

It can't be a challenge for Microsoft when they designed the system that implements the "message encryption" in the first place.

The revised statement doesn't seem much different from the original to me. And it's not obvious that a cryptographic system's designer will be able to read traffic encrypted using that system. Most cryptographic systems are designed to be as secure against the original creator as against a hostile third party that knows every implementation detail.

That would be an attribute of a functional cryptographic system, which implies that whatever Microsoft implemented on Skype was something else entirely. The post you quote points out that MS "claimed" the messages were securely encrypted, and their ability to intercept them proves otherwise.

Numerous countries have surveillance programs to monitor Skype and other VoIP, such as Saudi Arabia, UAE, Ethiopia, China, Egypt, Indonesia, Pakistan, India ect... In short, never use Skype for confidential communications.

Well, no surprise here. Never trust any crypto that isn't open source. Especially not crypto that Ars already proved was being decrypted in flight.

Never trust a crypto that hasn't bee rigorously tested or that lacks strong private keys and elliptical algorithms.

Trusting something merely because it is "open source" is believing in magic not substantiated by fact.

I would think that given all the open-source bugs that have been discovered in the past few months, particularly ones that have existed undetected for years, people would become a bit more skeptical about the inherent goodness of open source.

In theory, it gives things more eyes but not necessarily better eyes or a better process.

I am not sure if I have missed something, but I have not heard of the PRISM programme (or any other surveillance programme that have been revealed with Snowden's help (deeply appreciative bow to Snowden)) talk about being able to get into Blackberry communications.

Let me elaborate. BB has been in confrontations with various governments because all communications were encrypted and securely transported thru BB's servers. My question is - was their encryption so iron-clad that none of the surveillance programs have been able to get into it? It is quite well known that the US President used a BB for the longest time until an i device was secure enough for him to be able to use it. NY state governor Cuomo has also decreed that all his communications would take place over BBMessenger - this being device-to-device with no server traceability.

If the answer to all of my above speculation is 'No - BB has not been tracked or cracked' then I can lead you to the next speculation. Was BB killed by the powers that be because it was so untraceable?

I still maintain as my (non expert) opinion that the first step to low velocity privacy is in utilizing the "one time pad." It is slow, painful, and meticulous, yet immune when properly utilized to high tech infiltration. Second, implement multiple nested routines where the product of the first is used to generate the second, a third, or whatever one deems as necessary. Decryption follows the reverse procedure(s).

If the government does not have the ability to detect a sensible result at any stage, they better pack a lunch because they are in for A LOT OF WORK. Further, why not change keys and algorithms based on time or calender such as a "code of the day" scheme? Have a proxy attach data for you to a recipient. This is not rocket science and not even Uncle Sam's double Mensa working at the (Terrorist Threat Integration Center Ttic) in Las Vegas can do squat about it.

Well, no surprise here. Never trust any crypto that isn't open source. Especially not crypto that Ars already proved was being decrypted in flight.

Never trust a crypto that hasn't bee rigorously tested or that lacks strong private keys and elliptical algorithms.

Trusting something merely because it is "open source" is believing in magic not substantiated by fact.

I would think that given all the open-source bugs that have been discovered in the past few months, particularly ones that have existed undetected for years, people would become a bit more skeptical about the inherent goodness of open source.

In theory, it gives things more eyes but not necessarily better eyes or a better process.

My point was only that close source crypto is a non starter. Sure, open source isn't a silver bullet, but I will not rely on an encryption system I can't audit for myself if I want to.